[openstack-dev] [All] Disabling Pushes of new Gerrit Draft Patchsets

Clark Boylan clark.boylan at gmail.com
Wed May 21 23:24:56 UTC 2014


Hello everyone,

Gerrit has long supported "Draft" patchsets, and the infra team has long
recommended against using them as they are a source of bugs and
confusion (see below for specific details if you are curious). The newer
version of Gerrit that we recently upgraded to allows us to prevent
people from pushing new Draft patchsets. We will take advantage of this
and disable pushes of new Drafts on Friday May 30, 2014.

The impact of this change should be small. You can use the Work in
Progress state instead of Drafts for new patchsets. Any existing
Draft patchsets will remain in a Draft state until it is published.

Now for the fun details on why drafts are broken.

* Drafts appear to be "secure" but they offer no security. This is bad
  for user expectations and may expose data that shouldn't be exposed.
* Draft patchsets pushed after published patchsets confuse reviewers as
  they cannot vote with a value because the latest patchset is hidden.
* Draft patchsets confuse the Gerrit event stream output making it
  difficult for automated tooling to do the correct thing with Drafts.
* Child changes of Drafts will fail to merge without explanation.

Let us know if you have any questions,

Clark (on behalf of the infra team)



More information about the OpenStack-dev mailing list